Topic: Strange firewall filtering behavior (Read 734 times)

I'm noticing some funky behavior. Has anyone experienced something similar? Do I need to reboot the firewall? Do I need to wipe clean and start over with fresh configs?

OPNsense version: OPNsense 18.1.1-amd64

Last reboot: 1.5 days ago

Rules are as simple and basic as I can make them

Brother's IP is in the pfTables and still in the tables right now

Brother was able to access services from WAN to my LAN for several days

Didn't make any changes to firewall

Today, the same IP he's been using for the past few days doesn't get filtered by the "allow" rule but instead gets filtered by the Default Deny rule. Thus, he was blocked for some strange reason despite no changes made.

After that, if IPS is not in the way and IPs are still blocked, activate logging for every FW rule you have: by default, logging is not ON for custom rules, so it's difficult to see which packet matches a particular rule, and vice versa.
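
As an added illustration of the logging advice in the reply above (not part of the original thread): once logging is enabled on every rule, a short script can show which rule number and action each packet from a given source address hit. The field positions assume the comma-separated filterlog layout used by pf-based firewalls; the log lines, addresses and the function names are constructed for this example.

```python
import re
from collections import Counter

# Constructed sample lines; the filterlog field layout is an assumption (see lead-in).
SAMPLE_LOG = """\
Feb 20 10:01:02 fw filterlog: 71,,,0,em0,match,pass,in,4,0x0,,52,1234,0,DF,6,tcp,60,203.0.113.25,192.168.1.10,50522,443,0,S,1,,64240,,
Feb 22 09:15:40 fw filterlog: 5,,,0,em0,match,block,in,4,0x0,,52,4321,0,DF,6,tcp,60,203.0.113.25,192.168.1.10,50790,443,0,S,2,,64240,,
Feb 22 09:15:43 fw filterlog: 5,,,0,em0,match,block,in,4,0x0,,52,4322,0,DF,6,tcp,60,203.0.113.25,192.168.1.10,50790,443,0,S,2,,64240,,
Feb 22 09:16:00 fw filterlog: 5,,,0,em0,match,block,in,4,0x0,,48,777,0,none,17,udp,76,198.51.100.7,192.168.1.10,5060,5060,56
Feb 22 09:16:05 fw kernel: unrelated line
"""

FILTERLOG = re.compile(r"filterlog(?:\[\d+\])?: (.*)")
SRC_INDEX = {"4": 18, "6": 15}  # index of the source address, per IP version


def parse_line(line):
    """Return a dict for one filterlog line, or None if it is not one."""
    m = FILTERLOG.search(line)
    if not m:
        return None
    f = m.group(1).strip().split(",")
    # Field 8 is the IP version; it decides where the addresses sit.
    if len(f) < 9 or f[8] not in SRC_INDEX:
        return None
    i = SRC_INDEX[f[8]]
    if len(f) <= i + 1:
        return None  # truncated line
    return {"rule": f[0], "iface": f[4], "action": f[6],
            "dir": f[7], "src": f[i], "dst": f[i + 1]}


def rules_hit_by(log_text, src_ip):
    """Count (rule number, action) pairs for packets sent by src_ip."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["src"] == src_ip:
            hits[(rec["rule"], rec["action"])] += 1
    return hits


if __name__ == "__main__":
    for (rule, action), n in sorted(rules_hit_by(SAMPLE_LOG, "203.0.113.25").items()):
        print(f"rule {rule}: {action} x{n}")
```

A source that shows up under the pass rule on one day and only under the default-deny rule number later points at the allow rule (or the table it references) no longer matching, rather than at the traffic itself changing.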